Provide IT infrastructure and information security consultation services to various clients. Conduct security stance assessments of organizations. Create information security policies for clients. Analyze traffic, logs, and Splunk alerts and triage to the point of action, such as removing malware, patching, or creating a firewall rules. Manage after action reporting and planning.Clients: The Clearing House, Amerihealth Caritas, Tapestry, Hudson Group, Wachtell, Lipton, Rosen & Katz, Realogy, Healthix, GAF

Provide guidance on QRadar upgrade and equipment migration Key Roles and Responsibilities:► Provide guidance on possible pathways to upgrade equipment►Provide project plan for upgrade

Provide guidance on QRadar UBA Configuration Key Roles and Responsibilities:►Provide Best Practices for QRadar UBA►Updated UBA Configurations

Provide guidance on sensitive data management, data loss prevention and data restoration. Manage data loss prevention program with Symantec DLP and assist with day-to-day sensitive data management and policy enforcement.Key Roles and Responsibilities:►Develop and field user quarantined items restoration program►Created sensitive data management of unstructured data enforcement and adherence program, workflow and playbooksand architecture for Quarantined Data Restoration

Provide guidance on threat hunting and mitigation, leadership, representation, and intervention. Manage data loss prevention program with Forcepoint and assist with day-to-day incident response.Key Roles and Responsibilities:►Track divisional and business unit metrics, results, data modelling, processing, and calculating and generate key performance indicators (KPIs) and reports►Develop and field user behavioral analysis (UBA) to enhance visibility into insider threat►Created information security upgrade program and insider threat program workflow and playbooks►Designed architecture for Splunk deployment

Assisted with Verodin/Splunk integration, migrating servers to the cloud, and setting up security.Key Roles and Responsibilities:►Configured, tuned, and maintained Symantec Security Analytics (Broadcom)►Created virtual machines for IS infrastructure

► Managed and maintained IBM QRadar.► Migrated and deployed QRadar to added organization

Managed Forescout, Forcepoint (Websense DLP), Fire Eye NX devices, and URL filter with Palo Alto Firewalls. Handled SOC internal and external system tickets and incident management.Key Roles and Responsibilities:►Owned SIEM management, selection, and renewal process►Assisted in configuring Splunk Core and analyzed and suggested logs►Facilitated migration from McAfee 5.1.2 to 5.3.2, deployed McAfee 5.9 and ENS 10.5.2 environment, migrated rule sets from McAfee EPO 5.9 to Carbon Black, and deployed Carbon Black Defense and Response

Oversaw threat hunting and mitigation and handled and managed incidents. Addressed security questionnaires, RFPs, and RFIs and handled customer/high value prospect calls as needed.Key Roles and Responsibilities:►Worked with service owners to develop a service roadmap►Assisted in configuring Splunk Core and analyzed and suggested logs►Configured Blue Coat URL filtering policy►Managed security vendors►Generated vulnerability reports with InsightVM►Created data loss prevention program►Managed Cisco Firepower

Handled and managed incidents and SOC internal and external system tickets and provided SOC level 2 support and analysis.Key Roles and Responsibilities:►Led emergency (e.g. zero day) vulnerability management process, including research, coordination, and escalation/communication to senior leadership►Owned SIEM management, selection, and renewal process►Analyzed and recommended web filtering and DLP systems►Assisted in rebuilding Forescout NAC

Handled and managed SOC internal and external system tickets and incidents and analyzed file changes in Carbon Black to mitigate possible CnC.Key Roles and Responsibilities:►Configured and created policy and rules for Cisco FireSIGHT, linked to Splunk, queried, generated reports, and analyzed logs►Implemented single sign-on (SSO)►Assisted in creating Palo Alto firewall rules and linked firewalls to Splunk

Handled SOC internal and external system tickets and managed audit support and access certification for compliance processes.Key Roles and Responsibilities:►Created CERT tickets when required to reverse engineer malware►Analyzed infrastructure environment changes in Tripwire►Provided patching requirements using Nexpose reports►Planned and configured Cisco ASA 5585 with Firepower and configured and created policy and rules for Cisco FireSIGHT►Gathered and sanitized evidence for SOC2 Type 1 Audit

Developed proposals on operational changes to meet ITIL and InfoSec goals. Analyzed vulnerability reports from Nessus Scanner and proposed patching to IT Infrastructure team.Key Roles and Responsibilities:►Managed identity and access management system through QRadar and Active Directory and analyzed logs from Cisco Sourcefire, QRadar, and Websense to escalate actionable items or tune InfoSec tools►Handled InfoSec internal and external system tickets►Oversaw access list and Cisco ASA Firewall configurations►Created IT governance plan for one of GAF’s holding companies►Developed proposal and project plan, implemented security and network segregation, mock SEC audit, and policy structure for GAF and holding company IT and data security►Managed Forescout, Websense DLP system, and data classification

Developed proposal and project plan and implemented information security program, Good Mobile, and XenApp/XenDesktop; updates for network infrastructure and security, Exchange 2010 SP3, Office and Exchange 365, and Palo Alto Firewall; and transitions of McAfee policy to Kaspersky and Blackberry to iPhone.Key Roles and Responsibilities:►Managed deployment and maintenance of Forescout►Oversaw access management for cloud environment through Cloud Access Security Broker (CASB)

Managed migration from Configuration Manager 2007 to Configuration Manager 2012 and IT360 to build 10.1.1.Key Roles and Responsibilities:►Launched Mobile Iron

Developed curriculum for 60 students in 2 classes and provided instruction to prepare students for CompTIA Network+ and Security+ exams.Key Roles and Responsibilities:►Maintained 90% student retention rate►Prepared for ACICS audit►Member of Academic Advisory Board

Created IT infrastructure, including configuring and maintaining Sonic Wall firewall and managed vendor relationships.Key Roles and Responsibilities:►Led implementation of Salesforce with QuickBooks to streamline sales►Created and managed company website with .NET content management system

Created network infrastructure and installed, configured, and maintained SonicWall firewall.Key Roles and Responsibilities:►Coordinated agreements with Fonality and XO Communications

Established IT department with PCI, SOX, and HIPAA compliant end-to-end global IT Infrastructure.Key Roles and Responsibilities:►Managed 8 direct reports, hiring, terminations, performance reviews, and $2.5 million budget►Organized mobile device plan with AT&T for over 300 end users

Movement Control with the 436th Transportation Regiment.